CVE-2018-12437EPSS p41.1%

CVE-2018-12437CVE-2018-12437

libtom / libtomcrypt

Description

LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

Scoring

CVSS 4.9 ()
VectorCVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS0.54% probability of exploitation · percentile 41.1% · 2026-06-18T12:00:27Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2019-16910
CVE
CVE-2026-42770
CVE
CVE-2026-5260
CVE
CVE-2016-6129
CVE
CVE-2018-19608
CVE
CVE-2025-70888
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.